The CIA Triad and the Differences Between Authentication & Authorization

Knowing The CIA Triad
The CIA Triad is a model built on three interrelated principles: confidentiality, integrity, and availability. Confidentiality ensures that only people authorized to view sensitive information are able to access it, which keeps the information private and helps keep it secure. An example would be strict access controls that prevent unauthorized people from getting into sensitive data. Integrity means that data or information is kept in its original form and remains accurate and consistent unless it is changed by authorized personnel. Some ways to maintain integrity are digital signatures and version control, which make unwanted changes visible. Finally, availability ensures that information is accessible to the users who are authorized to use it (What Is the CIA Triad?, 2025).

Authentication vs. Authorization
Even though these two processes are different, they work together very well. Authentication is the process of verifying a person’s or user’s identity. It answers “Who are you?” using methods such as passwords, biometrics, or security tokens. An example would be logging into a website with a username and password, which identifies who you are (Authentication Vs. Authorization – Identity Fundamentals, n.d.). With authorization, once a person is identified (or logged in), this process determines what applications, actions, or resources they are allowed to access. For instance, if you log into the company’s email system with an address like (______@odu.edu), students have access only to their own accounts and their own emails, but teachers and administrators might have broader access because of their roles. Another example is a role that allows a person to access certain rooms within a company (Authentication Vs. Authorization: What’s the Difference?, n.d.).
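The two steps from the email example above, written as an added Python sketch that is not part of the original essay. The user names, passwords, roles, and the policy that an administrator may read any mailbox are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so stored credentials are not plain passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _make_user(role: str, password: str) -> dict:
    salt = os.urandom(16)
    return {"role": role, "salt": salt, "hash": _hash(password, salt)}

# Constructed sample accounts (hypothetical names, roles and passwords).
USERS = {
    "student1": _make_user("student", "correct horse"),
    "admin1": _make_user("administrator", "battery staple"),
}
# Placeholder record so unknown usernames cost the same work as known ones.
_DUMMY = _make_user("none", "dummy")

def authenticate(username: str, password: str):
    """Authentication: answers 'Who are you?'. Returns the verified username or None."""
    user = USERS.get(username, _DUMMY)
    candidate = _hash(password, user["salt"])
    ok = hmac.compare_digest(candidate, user["hash"])  # constant-time compare
    return username if ok and username in USERS else None

def authorize(identity, mailbox_owner: str) -> bool:
    """Authorization: may this already-verified identity read this mailbox?"""
    if identity is None:           # never authenticated, so nothing is allowed
        return False
    if identity == mailbox_owner:  # everyone can read their own mail
        return True
    # Assumed policy: only the administrator role reaches other mailboxes.
    return USERS[identity]["role"] == "administrator"

if __name__ == "__main__":
    who = authenticate("student1", "correct horse")
    print("own mailbox:", authorize(who, "student1"))
    print("admin's mailbox:", authorize(who, "admin1"))
```

A correct password only establishes identity; the student still cannot open another mailbox because that decision is made separately in `authorize`.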

Conclusion
In summary, these principles and processes provide a robust framework, with the CIA Triad contributing confidentiality, integrity, and availability. They lay the foundation for protecting sensitive information from unwanted people or entities and ensuring that data remains accessible to the people who need it. By understanding and using the CIA Triad and knowing the differences between authentication and authorization, companies and organizations can keep their systems and data in a safe and protected environment.



References
Authentication vs. Authorization – Identity Fundamentals. (n.d.). Auth0. Retrieved February 23, 2025, from https://auth0.com/docs/get-started/identity-fundamentals/authentication-and-authorization
Authentication vs. Authorization: What’s the Difference? (n.d.). OneLogin. Retrieved February 23, 2025, from https://www.onelogin.com/learn/authentication-vs-authorization
What Is the CIA Triad? (2025, February 6). Coursera. Retrieved February 23, 2025, from https://www.coursera.org/articles/cia-triad
